package com.zhx.bussiness.sign;

import com.zhx.util.util.RSAUtil;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

import javax.servlet.http.HttpServletRequest;

/**
 * describe:RSA签名的验签aop
 *
 * @author zhanghaixuan
 * @date 2018/06/14
 **/
@Component
@Aspect
public class SignAop {
    @Autowired
    private SignService signService;

    @Before(value = "@annotation(com.zhx.bussiness.sign.SignValid) && args(text,..)")
    public void verify(HttpServletRequest request,SignText text){
        String authId = request.getHeader(SignConstant.AUTHID);

        Assert.hasText(authId,"验签失败");

        String sign = request.getHeader(SignConstant.SIGN);

        Assert.hasText(sign,"验签失败");

        String publicKey = signService.getPublicKey(authId);

        Assert.hasText(publicKey,"验签失败");

        Assert.isTrue(RSAUtil.verify(text.toText(),sign,publicKey),"验签失败");
    }
}
